Enterprises Cannot Ensure Better Security While Still Repeating the Same Old Mistakes

The threat environment is evolving rapidly across all layers – applications, servers, network, and underlying infrastructure. Alas, the cybersecurity protocols, mechanisms and overall efforts of enterprises in ensuring security across these layers are not keeping up.

I have said this in the past, and I need to say this again. Harsh as it may sound, the truth is that enterprises continue to make the same mistakes of the past, either in the same form or in a similar pattern.

It’s surprising as well as concerning how common some of these basic vulnerabilities are. Web applications continue to be vulnerable to SQL injection attacks. The number of attacks at the server framework level is still too high for comfort. Organizations are still too focused on ‘data at rest’, and they continue to overlook a significant part of ‘data in motion’. Security processes and protocols in many organizations have not been adapted to a vulnerability landscape that has moved quickly beyond traditional databases, applications and networks to include devices (and now, things). Application rollout processes are also still largely focused on functional and basic technical testing, leaving several points of vulnerability inadequately tested.

With these examples, I’m only ‘scratching the surface’. There’s a need for a major relook across the areas of cybersecurity – in security protocols and processes, as well as in their technical redressal. It also doesn’t help that enterprise IT, especially in large enterprises, lacks the required competency across levels and layers to address these issues in toto.

Needless to mention, it’s a concerning situation. Having said that, it’s not as if CISOs and technology leaders are not making the effort. However, they cannot afford for their organizations to keep making the same mistakes and hope for a more secure ecosystem.

Copyright © 2018 Greyhound Research. All rights reserved. You may share this research note using the options made available. Please don’t copy this research note (complete or parts) and distribute over the web and emails. Connect with us if you need clarifications.


Analyst:

Sanchit Vir Gogia: Sanchit is the Chief Analyst, Founder & CEO of Greyhound Research, an award-winning global research & advisory firm.


